Archives

Unix-privesc-checkeris a script that runs on Unix systems (tested on Solaris 9, HPUX 11, Various Linuxes, FreeBSD 6.2). It tries to find misconfigurations that could allow local unprivilged users to escalate privileges to other users or to access local apps (e.g. databases).It is written as a single shell script so it can be easily uploaded and run (as opposed to un-tarred, compiled and installed). It can run either as a normal user or as root (obviously it does a better job when running as root because it can read more files).Usage
The download is gzip’d, so gunzip it. Upload it to the server you’re auditing / pentesting then just run it:$ ./unix-privesc-check > output.txt
The output’s a bit messy (it’s hard to be neat with shell scripts), so you’re probably best to save the output and search it for the word ‘WARNING’. If you don’t see the word ‘WARNING’ then the script didn’t find anything. Example:$ ./unix-privesc-check
Starting unix-privesc-check v1.0 ( http://pentestmonkey.net/tools/unix-privesc-check )This script checks file permissions and other settings that could allow
local users to escalate privileges.